Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/AAakON-X8W6zSfnmbxtZ0qaay1M.roa
File: AAakON-X8W6zSfnmbxtZ0qaay1M.roa (raw, json)
Hash identifier: lRQVrODiryvOg/nKNyK3Ic2ZZ4Gigr8aqcO+HQewZZ8=
Subject key identifier: 00:06:A4:38:DF:97:F1:6E:B3:49:F9:E6:6F:1B:59:D2:A6:9A:CB:53
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01867E25481054C6B51E7459D7AB7563BCFD
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/AAakON-X8W6zSfnmbxtZ0qaay1M.roa
Signing time: Thu 23 Feb 2023 12:00:17 +0000
ROA not before: Thu 23 Feb 2023 12:00:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.131.110.0/24 maxlen: 24
45.147.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:25:48:10:54:c6:b5:1e:74:59:d7:ab:75:63:bc:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Feb 23 12:00:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0006a438df97f16eb349f9e66f1b59d2a69acb53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1a:b6:7e:f2:d6:e0:b3:57:1d:28:54:eb:b9:
7e:dc:8f:62:bd:6c:3c:0a:85:4e:b0:74:18:c7:5c:
82:41:3e:d3:07:fc:9b:0e:6e:e2:15:a8:20:6a:3f:
ae:1e:7a:5c:3a:08:50:37:65:c5:cd:f3:3f:e4:88:
07:2f:dd:6e:ce:0b:65:8d:68:86:28:0a:19:71:ff:
38:72:94:31:0a:94:20:fa:b6:b8:55:67:c4:99:cd:
ee:f8:81:e6:43:54:5a:a9:e3:ed:64:1f:a0:6e:bc:
4a:a4:5f:c6:ec:79:d2:26:3e:0a:fb:5e:38:c3:91:
29:a9:79:3d:05:76:79:3f:e4:7b:32:e0:2f:50:9c:
b9:6a:50:44:45:c3:1b:21:f3:81:f0:f8:ae:31:16:
33:df:11:1f:30:6a:c5:e9:7b:b2:a4:a4:02:aa:57:
b5:8f:ec:54:45:c2:52:c1:93:f4:73:ec:a9:f4:6d:
d5:ab:fe:c2:58:0a:b1:e1:ee:c1:26:1d:2a:62:4b:
e8:3f:54:55:04:a5:66:29:7d:1d:de:d2:ab:e5:2b:
4d:84:b5:a3:60:38:1b:42:39:13:d5:04:11:08:86:
6b:a5:47:b9:60:83:0f:16:e1:33:28:e1:be:c9:9b:
c2:97:18:ea:f9:a4:64:7d:01:1c:ff:75:b5:91:be:
98:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:06:A4:38:DF:97:F1:6E:B3:49:F9:E6:6F:1B:59:D2:A6:9A:CB:53
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/AAakON-X8W6zSfnmbxtZ0qaay1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.110.0/24
45.147.5.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:73:73:95:2e:17:ad:8d:e6:66:2a:ae:e6:6d:d2:53:de:90:
21:f3:80:57:0a:8d:f4:b6:18:47:c9:2b:74:93:81:0e:d3:c1:
30:a6:0d:11:51:37:94:da:72:94:db:67:b4:65:bb:42:a7:63:
d7:68:d8:24:cf:84:85:9b:5a:85:0a:5d:ec:ae:e4:9e:9a:a8:
a0:c6:ba:62:55:8f:e3:9f:9b:68:6b:be:a2:f3:4b:9d:49:76:
e9:0d:fa:4f:ea:47:80:6d:f5:c7:c8:76:27:2d:58:bb:e4:bd:
09:f3:bf:f6:2e:2e:e8:f8:8f:bf:46:02:a6:d8:98:60:8e:b8:
21:05:9c:19:1b:7f:db:be:3a:88:b3:87:11:38:4b:48:9c:01:
1a:0a:95:9b:99:fc:11:61:95:1e:c9:cb:62:96:16:4c:60:dd:
38:ef:ff:83:dd:34:3a:6c:04:86:c3:9f:71:a5:b5:8a:dc:5e:
62:c9:b0:3d:27:20:96:a3:b5:b1:e8:21:f6:a1:0a:2a:37:dc:
82:21:13:6a:cd:35:d9:71:55:62:90:4b:2c:09:bd:d0:fa:27:
cb:d9:23:26:cc:92:ed:b6:55:ce:7f:77:26:13:5c:43:71:d5:
41:91:b1:79:6a:67:01:ce:b3:05:56:4e:1d:2f:51:7f:ab:db:
9e:e5:ff:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ+JUgQVMa1HnRZ16t1Y7z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMjIzMTIwMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA2YTQzOGRmOTdmMTZlYjM0OWY5ZTY2ZjFiNTlkMmE2OWFjYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRq2fvLW4LNXHShU67l+3I9ivWw8
CoVOsHQYx1yCQT7TB/ybDm7iFaggaj+uHnpcOghQN2XFzfM/5IgHL91uzgtljWiG
KAoZcf84cpQxCpQg+ra4VWfEmc3u+IHmQ1RaqePtZB+gbrxKpF/G7HnSJj4K+144
w5EpqXk9BXZ5P+R7MuAvUJy5alBERcMbIfOB8PiuMRYz3xEfMGrF6XuypKQCqle1
j+xURcJSwZP0c+yp9G3Vq/7CWAqx4e7BJh0qYkvoP1RVBKVmKX0d3tKr5StNhLWj
YDgbQjkT1QQRCIZrpUe5YIMPFuEzKOG+yZvClxjq+aRkfQEc/3W1kb6YfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAAGpDjfl/Fus0n55m8bWdKmmstTMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvQUFha09OLVg4VzZ6U2ZubWJ4dFowcWFheTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYNuAwQA
LZMFMA0GCSqGSIb3DQEBCwUAA4IBAQA+c3OVLhetjeZmKq7mbdJT3pAh84BXCo30
thhHySt0k4EO08Ewpg0RUTeU2nKU22e0ZbtCp2PXaNgkz4SFm1qFCl3sruSemqig
xrpiVY/jn5toa76i80udSXbpDfpP6keAbfXHyHYnLVi75L0J87/2Li7o+I+/RgKm
2JhgjrghBZwZG3/bvjqIs4cROEtInAEaCpWbmfwRYZUeyctilhZMYN047/+D3TQ6
bASGw59xpbWK3F5iybA9JyCWo7Wx6CH2oQoqN9yCIRNqzTXZcVVikEssCb3Q+ifL
2SMmzJLttlXOf3cmE1xDcdVBkbF5amcBzrMFVk4dL1F/q9ue5f8C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org